From 9a6ffbf0d9416d10422d2ebea6fd53882100ee76 Mon Sep 17 00:00:00 2001 From: "Matthew C. Morgan" Date: Fri, 1 Nov 2024 18:50:24 -0400 Subject: [PATCH 1/2] more fun with for-each --- .pre-commit-config.yaml | 8 ++++---- .terraform.lock.hcl | 40 ++++++++++++++++++++++++++++++++++++++++ README.md | 10 +++++----- main.tf | 11 ++++++----- 4 files changed, 55 insertions(+), 14 deletions(-) create mode 100644 .terraform.lock.hcl diff --git a/.pre-commit-config.yaml b/.pre-commit-config.yaml index 503bd08..697d848 100644 --- a/.pre-commit-config.yaml +++ b/.pre-commit-config.yaml @@ -1,9 +1,9 @@ repos: - repo: https://github.com/antonbabenko/pre-commit-terraform # rev: v1.31.0 - rev: v1.47.0 + rev: v1.96.2 hooks: -# - id: terraform_validate + - id: terraform_validate - id: terraform_fmt - id: terraform_docs_replace args: ['table'] @@ -11,8 +11,8 @@ repos: # exclude: version.tf - repo: https://github.com/pre-commit/pre-commit-hooks - rev: v3.1.0 + rev: v5.0.0 hooks: - id: check-symlinks - - id: detect-aws-credentials + # - id: detect-aws-credentials - id: detect-private-key diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl new file mode 100644 index 0000000..9e6a560 --- /dev/null +++ b/.terraform.lock.hcl 
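Review bot: Both `rev:` values touched by this file's hunks (`v1.96.2` here, `v5.0.0` in the second hunk) are Git tags, which the upstream repositories can move. pre-commit runs whatever the tag resolves to on every contributor's machine. Pinning to the full commit hash with the tag kept as a comment, `rev: <full-commit-sha>  # frozen: v1.96.2`, makes the hook code immutable; `pre-commit autoupdate --freeze` writes that form.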
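Review bot: Commenting out `detect-aws-credentials` in the second hunk removes the only hook visible in these hunks that scans staged files for AWS access keys. `detect-private-key` looks for private-key blocks, not access key IDs or secret keys, and a module that manages IAM roles is where that check is most useful. If the hook was disabled because it fails on machines without an AWS credentials file (an assumption, as the commit message does not say), keep it enabled as `- id: detect-aws-credentials` with `args: ['--allow-missing-credentials']` on the next line.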
@@ -0,0 +1,40 @@ +# This file is maintained automatically by "terraform init". +# Manual edits may be lost in future updates. + +provider "registry.terraform.io/hashicorp/aws" { + version = "5.74.0" + constraints = ">= 3.66.0" + hashes = [ + "h1:HMaN/L2hf1PN2YLdlQRbE49f4RF7VuqEVpqxNtJ2+18=", + ] +} + +provider "registry.terraform.io/hashicorp/external" { + version = "2.3.4" + constraints = ">= 2.2.0" + hashes = [ + "h1:XWkRZOLKMjci9/JAtE8X8fWOt7A4u+9mgXSUjc4Wuyo=", + ] +} + +provider "registry.terraform.io/hashicorp/null" { + version = "3.2.3" + hashes = [ + "h1:+AnORRgFbRO6qqcfaQyeX80W0eX3VmjadjnUFUJTiXo=", + ] +} + +provider "registry.terraform.io/hashicorp/template" { + version = "2.2.0" + hashes = [ + "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=", + ] +} + +provider "registry.terraform.io/trevex/ldap" { + version = "0.5.4" + constraints = ">= 0.5.4" + hashes = [ + "h1:0gzSlILdaOsGsIGUGDSBiLHCbkawVOTHcj60K4x0EnA=", + ] +} diff --git a/README.md b/README.md index 1bb264b..fabdd97 100644 --- a/README.md +++ b/README.md @@ -129,11 +129,11 @@ module "myrole3" { | Name | Version | |------|---------| -| [aws](#provider\_aws) | >= 3.66.0 | -| [external](#provider\_external) | >= 2.2.0 | -| [ldap](#provider\_ldap) | >= 0.5.4 | -| [null](#provider\_null) | n/a | -| [template](#provider\_template) | n/a | +| [aws](#provider\_aws) | 5.74.0 | +| [external](#provider\_external) | 2.3.4 | +| [ldap](#provider\_ldap) | 0.5.4 | +| [null](#provider\_null) | 3.2.3 | +| [template](#provider\_template) | 2.2.0 | ## Modules diff --git a/main.tf b/main.tf index 03a693e..01f382c 100644 --- a/main.tf +++ b/main.tf 
@@ -124,10 +124,11 @@
 #* ec2_attached_policies = []
 locals {
- account_id = var.account_id != "" ? var.account_id : data.aws_caller_identity.current.account_id
- region = data.aws_region.current.name
- account_environment = data.aws_arn.current.partition == "aws-us-gov" ? "gov" : "ew"
- account_alias = var.account_alias != "" && var.account_alias != null ? var.account_alias : "none"
+ account_id = var.account_id != "" ? var.account_id : data.aws_caller_identity.current.account_id
+ region = data.aws_region.current.name
+ account_environment = data.aws_arn.current.partition == "aws-us-gov" ? "gov" : "ew"
+ account_alias = var.account_alias != "" && var.account_alias != null ? var.account_alias : "none"
+ attached_policies_map = { for idx, policy in var.attached_policies : idx => policy }
 # _ec2_role_name = var.ec2_role_name != "" ? var.ec2_role_name : var.role_name
 role_name = format("%v%v", lookup(local._prefixes, "role", ""), var.role_name)
@@ -183,7 +184,7 @@ resource "aws_iam_role" "role" {
 }
 resource "aws_iam_role_policy_attachment" "role" {
- for_each = var.create ? toset(var.attached_policies) : toset([])
+ for_each = var.create ? local.attached_policies_map : toset([])
 role = var.create ? aws_iam_role.role[0].name : ""
 policy_arn = each.value
 }
From 4a799eceaf8cfed330976a83c2228aeaaa7902a9 Mon Sep 17 00:00:00 2001
From: "Matthew C. Morgan"
Date: Fri, 1 Nov 2024 18:50:43 -0400
Subject: [PATCH 2/2] not the lock
---
 .terraform.lock.hcl | 40 ----------------------------------------
 1 file changed, 40 deletions(-)
 delete mode 100644 .terraform.lock.hcl
diff --git a/.terraform.lock.hcl b/.terraform.lock.hcl
deleted file mode 100644
index 9e6a560..0000000
--- a/.terraform.lock.hcl
+++ /dev/null
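Review bot: `attached_policies_map` keys each policy by its position in `var.attached_policies` (assuming that variable is a list; its type is not visible here). The attachment addresses therefore become `aws_iam_role_policy_attachment.role["0"]`, `["1"]`, … instead of being keyed by ARN as with the previous `toset(...)`. Removing or reordering one entry shifts every later key, so Terraform plans to replace those attachments, and existing state keyed by ARN would have every attachment re-created on upgrade, which may leave the role without a policy part-way through an apply. If position keys are intended, say so above the local, e.g. `# keyed by list position: reordering or removing an entry re-creates the attachments after it`. The `locals` block continues beyond this hunk.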
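Review bot: The two arms of the `for_each` conditional in the second hunk now have different types: `local.attached_policies_map` is a map/object value, while the false arm is still `toset([])`. Terraform needs both results of a conditional to convert to one type, so I would expect `terraform validate` to reject this with an inconsistent-result-types error. Use an empty map for the disabled case: `for_each = var.create ? local.attached_policies_map : {}`.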
@@ -1,40 +0,0 @@ -# This file is maintained automatically by "terraform init". -# Manual edits may be lost in future updates. - -provider "registry.terraform.io/hashicorp/aws" { - version = "5.74.0" - constraints = ">= 3.66.0" - hashes = [ - "h1:HMaN/L2hf1PN2YLdlQRbE49f4RF7VuqEVpqxNtJ2+18=", - ] -} - -provider "registry.terraform.io/hashicorp/external" { - version = "2.3.4" - constraints = ">= 2.2.0" - hashes = [ - "h1:XWkRZOLKMjci9/JAtE8X8fWOt7A4u+9mgXSUjc4Wuyo=", - ] -} - -provider "registry.terraform.io/hashicorp/null" { - version = "3.2.3" - hashes = [ - "h1:+AnORRgFbRO6qqcfaQyeX80W0eX3VmjadjnUFUJTiXo=", - ] -} - -provider "registry.terraform.io/hashicorp/template" { - version = "2.2.0" - hashes = [ - "h1:94qn780bi1qjrbC3uQtjJh3Wkfwd5+tTtJHOb7KTg9w=", - ] -} - -provider "registry.terraform.io/trevex/ldap" { - version = "0.5.4" - constraints = ">= 0.5.4" - hashes = [ - "h1:0gzSlILdaOsGsIGUGDSBiLHCbkawVOTHcj60K4x0EnA=", - ] -}